---
###############################################################################
# Controller node configuration.

# User with which to access the controllers via SSH during bootstrap, in order
# to setup the Kayobe user account. Default is {{ os_distribution }}.
controller_bootstrap_user: "{{ os_distribution }}"

###############################################################################
# Controller groups.

# Ansible inventory group in which Ironic conductor services are deployed.
# Default is 'controllers'.
controller_ironic_conductor_group: controllers

# Ansible inventory group in which Ironic inspector services are deployed.
# Default is 'controllers'.
controller_ironic_inspector_group: controllers

# Ansible inventory group in which control plane load balancer services are
# deployed. Default is 'network'.
controller_loadbalancer_group: network

# Ansible inventory group in which network data plane services are deployed.
# Default is 'network'.
controller_network_group: network

###############################################################################
# Controller network interface configuration.

# List of networks to which controller nodes are attached.
controller_network_interfaces: >
  {{ (controller_default_network_interfaces +
      controller_extra_network_interfaces +
      (controller_network_host_network_interfaces
       if inventory_hostname in groups['network'] else [])) | select | unique | list }}

# List of default networks to which controller nodes are attached.
controller_default_network_interfaces: >
  {{ [admin_oc_net_name,
      oob_wl_net_name,
      provision_wl_net_name,
      inspection_net_name,
      internal_net_name,
      storage_net_name,
      swift_storage_net_name,
      cleaning_net_name] | select | unique | list }}

# List of extra networks to which controller nodes are attached.
controller_extra_network_interfaces: []

# List of network interfaces to which network nodes are attached.
controller_network_host_network_interfaces: >
  {{ (controller_network_host_default_network_interfaces +
      controller_network_host_extra_network_interfaces) | select | unique | list }}

# List of default network interfaces to which network nodes are attached.
controller_network_host_default_network_interfaces: >
  {{ ([admin_oc_net_name,
       internal_net_name,
       storage_net_name,
       public_net_name,
       tunnel_net_name] +
      external_net_names) | select | unique | list }}

# List of extra networks to which network nodes are attached.
controller_network_host_extra_network_interfaces: []

###############################################################################
# Controller node BIOS configuration.

# Dict of controller BIOS options. Format is same as that used by stackhpc.drac
# role.
controller_bios_config: "{{ controller_bios_config_default | combine(controller_bios_config_extra) }}"

# Dict of default controller BIOS options. Format is same as that used by
# stackhpc.drac role.
controller_bios_config_default: {}

# Dict of additional controller BIOS options. Format is same as that used by
# stackhpc.drac role.
controller_bios_config_extra: {}

###############################################################################
# Controller node RAID configuration.

# List of controller RAID volumes. Format is same as that used by stackhpc.drac
# role.
controller_raid_config: "{{ controller_raid_config_default + controller_raid_config_extra }}"

# List of default controller RAID volumes. Format is same as that used by
# stackhpc.drac role.
controller_raid_config_default: []

# List of additional controller RAID volumes. Format is same as that used by
# stackhpc.drac role.
controller_raid_config_extra: []

###############################################################################
# Controller node software RAID configuration.

# List of software RAID arrays. See mrlesmithjr.mdadm role for format.
controller_mdadm_arrays: []

###############################################################################
# Controller node encryption configuration.

# List of block devices to encrypt. See stackhpc.luks role for format.
controller_luks_devices: []

###############################################################################
# Controller node LVM configuration.

# List of controller volume groups. See mrlesmithjr.manage_lvm role for
# format.
controller_lvm_groups: "{{ controller_lvm_groups_default + controller_lvm_groups_extra }}"

# Default list of controller volume groups. See mrlesmithjr.manage_lvm role for
# format.
controller_lvm_groups_default: "{{ [controller_lvm_group_data] if controller_lvm_group_data_enabled | bool else [] }}"

# Additional list of controller volume groups. See mrlesmithjr.manage_lvm role
# for format.
controller_lvm_groups_extra: []

# Whether a 'data' LVM volume group should exist on controller hosts. By
# default this contains a 'docker-volumes' logical volume for Docker volume
# storage. Default is false.
controller_lvm_group_data_enabled: false

# Controller LVM volume group for data. See mrlesmithjr.manage_lvm role for
# format.
controller_lvm_group_data:
  vgname: data
  disks: "{{ controller_lvm_group_data_disks }}"
  create: True
  lvnames: "{{ controller_lvm_group_data_lvs }}"

# List of disks for use by controller LVM data volume group. Default to an
# invalid value to require configuration.
controller_lvm_group_data_disks:
  - changeme

# List of LVM logical volumes for the data volume group.
controller_lvm_group_data_lvs:
  - "{{ controller_lvm_group_data_lv_docker_volumes }}"

# Docker volumes LVM backing volume.
controller_lvm_group_data_lv_docker_volumes:
  lvname: docker-volumes
  size: "{{ controller_lvm_group_data_lv_docker_volumes_size }}"
  create: True
  filesystem: "{{ controller_lvm_group_data_lv_docker_volumes_fs }}"
  mount: True
  mntp: /var/lib/docker/volumes

# Size of docker volumes LVM backing volume.
controller_lvm_group_data_lv_docker_volumes_size: 75%VG

# Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
controller_lvm_group_data_lv_docker_volumes_fs: ext4

###############################################################################
# Controller node sysctl configuration.

# Dict of sysctl parameters to set.
controller_sysctl_parameters: {}

###############################################################################
# Controller node tuned configuration.

# Builtin tuned profile to use. Format is same as that used by giovtorres.tuned
# role. Default is throughput-performance.
controller_tuned_active_builtin_profile: "throughput-performance"

###############################################################################
# Controller node user configuration.

# List of users to create. This should be in a format accepted by the
# singleplatform-eng.users role.
controller_users: "{{ users_default }}"

###############################################################################
# Controller node firewalld configuration.

# Whether to install and enable firewalld.
controller_firewalld_enabled: false

# A list of zones to create. Each item is a dict containing a 'zone' item.
controller_firewalld_zones: []

# A firewalld zone to set as the default. Default is unset, in which case the
# default zone will not be changed.
controller_firewalld_default_zone:

# A list of firewall rules to apply. Each item is a dict containing arguments
# to pass to the firewalld module. Arguments are omitted if not provided, with
# the following exceptions:
# - offline: true
# - permanent: true
# - state: enabled
controller_firewalld_rules: []

###############################################################################
# Controller node swap configuration.

# List of swap devices. Each item is a dict containing a 'device' item.
controller_swap: []